Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Mageia: 2021-0578 Moderate: Thrift Denial Of Service Vulnerability

mageia
Calendar Grey December 23, 2021
Dist Mageia Esm H88
Hostile users create memory problems in Thrift, resulting in service disruption. Mageia's update notes provide additional information.
Malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service

Summary

Malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.

References

- https://bugs.mageia.org/show_bug.cgi?id=28380

- https://www.openwall.com/lists/oss-security/2021/02/11/2

- https://www.cve.org/CVERecord?id=CVE-2020-13949

Topics%20covered

Topics Covered

security advisory denial of service moderate severity memory allocation Mageia Thrift RPC attack

Resolution

SRPMS

- 8/core/thrift-0.14.0-1.mga8

- 8/core/golang-github-apache-thrift-0.14.0-1.mga8

Publication date: 23 Dec 2021
URL: https://advisories.mageia.org/MGASA-2021-0578.html
Type: security
CVE: CVE-2020-13949

Topics%20covered

Topics Covered

security advisory denial of service moderate severity memory allocation Mageia Thrift RPC attack

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here